Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a326230333a3a2f34382d3438203d3e20323136333234.roa
File:                     326131343a373538313a326230333a3a2f34382d3438203d3e20323136333234.roa (raw, json)
Hash identifier:          8PWmLHPmzf41QuTQtsg2/eeBvFXjiwbBAowI0dXOFFU=
Subject key identifier:   4E:45:48:2E:43:E4:1D:D0:03:30:A2:C5:44:24:F9:16:6C:77:7C:14
Certificate issuer:       /CN=30EC341CC59263F48799F70A95490826E78E6E11
Certificate serial:       273CDADC9C311D18D9327297BA91F5398549DA12
Authority key identifier: 30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a326230333a3a2f34382d3438203d3e20323136333234.roa
Signing time:             Mon 13 May 2024 01:56:07 +0000
ROA not before:           Mon 13 May 2024 01:51:07 +0000
ROA not after:            Mon 12 May 2025 01:56:07 +0000
asID:                     216324
IP address blocks:        2a14:7581:2b03::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.mft
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 07:04:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            27:3c:da:dc:9c:31:1d:18:d9:32:72:97:ba:91:f5:39:85:49:da:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30EC341CC59263F48799F70A95490826E78E6E11
        Validity
            Not Before: May 13 01:51:07 2024 GMT
            Not After : May 12 01:56:07 2025 GMT
        Subject: CN=4E45482E43E41DD00330A2C54424F9166C777C14
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:6a:3e:99:31:1a:07:c8:96:da:ca:5b:90:ce:
                    28:7c:9e:2d:b3:73:69:d8:31:0e:96:d9:ca:3d:de:
                    67:00:04:78:4c:32:1e:7b:71:a8:21:ae:eb:18:77:
                    17:13:6d:5c:83:ee:cc:4e:d4:c8:ff:24:aa:8f:db:
                    6b:96:f6:e6:e6:4e:60:aa:a0:16:ac:97:89:32:fa:
                    d0:1a:36:c7:fc:ac:cb:cb:91:31:48:f5:5f:e4:ac:
                    89:54:97:5e:f6:1f:8b:6b:80:06:32:df:d2:4a:1e:
                    e7:27:66:0b:b5:8c:28:8c:e2:0e:33:92:11:4f:fd:
                    c9:cf:02:69:60:5e:f9:fb:ea:7c:b8:d6:7f:ac:54:
                    b3:2d:a3:2e:75:21:e3:85:b9:26:f6:8f:de:9f:6c:
                    88:a8:09:50:77:f6:b5:85:69:01:35:05:3d:39:8f:
                    97:dc:f6:40:af:2b:b6:7d:13:0f:26:d9:db:7a:23:
                    e4:83:4e:43:1a:03:aa:62:5a:51:71:51:9f:fc:62:
                    17:58:dd:84:67:12:0a:5f:da:57:73:30:ba:66:42:
                    73:02:e6:9c:a2:2d:7d:32:ce:a5:2d:1d:ad:7a:7d:
                    7a:4a:02:d0:f4:61:77:e3:92:f1:d7:59:2c:32:6c:
                    3f:0e:17:63:42:46:ae:7d:78:95:47:c3:f3:8f:3a:
                    b4:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:45:48:2E:43:E4:1D:D0:03:30:A2:C5:44:24:F9:16:6C:77:7C:14
            X509v3 Authority Key Identifier:
                keyid:30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a326230333a3a2f34382d3438203d3e20323136333234.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7581:2b03::/48

    Signature Algorithm: sha256WithRSAEncryption
         b4:74:54:85:eb:18:20:03:6e:9f:67:52:bd:c1:55:4a:13:04:
         8b:bf:2a:54:7d:ba:af:2d:62:72:26:dc:e7:80:09:ac:66:46:
         99:06:37:4b:3a:fc:a0:07:be:7c:07:75:43:86:0a:4c:41:cb:
         ac:8e:21:27:96:e1:b4:0f:3f:0e:aa:54:c2:99:61:63:15:d1:
         cc:d6:48:f7:09:65:8b:03:83:ff:42:9f:20:3e:e3:b5:3c:78:
         98:95:85:b5:82:92:24:25:c1:34:79:0f:14:fe:df:a1:4d:cc:
         d3:9d:3a:c6:c7:a0:7b:1e:ac:06:5c:e0:ac:00:8a:b2:9c:48:
         d2:4b:c6:84:5a:f4:d7:7c:14:33:8b:39:78:1b:e8:7b:ff:d5:
         61:c9:fd:9e:08:80:5e:bc:e7:cb:aa:1f:89:9b:72:2b:39:2e:
         fa:4b:1d:dd:66:15:11:02:cc:1a:89:92:16:eb:00:a8:86:96:
         cd:0a:7b:3c:11:18:ab:58:27:51:c0:00:c5:cb:30:db:0a:49:
         29:fe:46:73:6b:02:e0:b5:d9:22:b2:51:19:56:09:94:2b:0d:
         81:65:d8:bb:82:9e:36:4a:e8:1d:ad:52:3d:61:29:25:45:13:
         61:28:fb:21:ab:ec:8f:07:42:95:b4:1c:c7:e3:bc:3d:91:8e:
         52:87:71:a2
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUJzza3JwxHRjZMnKXupH1OYVJ2hIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZF
NzhFNkUxMTAeFw0yNDA1MTMwMTUxMDdaFw0yNTA1MTIwMTU2MDdaMDMxMTAvBgNV
BAMTKDRFNDU0ODJFNDNFNDFERDAwMzMwQTJDNTQ0MjRGOTE2NkM3NzdDMTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbaj6ZMRoHyJbayluQzih8ni2z
c2nYMQ6W2co93mcABHhMMh57caghrusYdxcTbVyD7sxO1Mj/JKqP22uW9ubmTmCq
oBasl4ky+tAaNsf8rMvLkTFI9V/krIlUl172H4trgAYy39JKHucnZgu1jCiM4g4z
khFP/cnPAmlgXvn76ny41n+sVLMtoy51IeOFuSb2j96fbIioCVB39rWFaQE1BT05
j5fc9kCvK7Z9Ew8m2dt6I+SDTkMaA6piWlFxUZ/8YhdY3YRnEgpf2ldzMLpmQnMC
5pyiLX0yzqUtHa16fXpKAtD0YXfjkvHXWSwybD8OF2NCRq59eJVHw/OPOrSxAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUTkVILkPkHdADMKLFRCT5Fmx3fBQwHwYDVR0j
BBgwFoAUMOw0HMWSY/SHmfcKlUkIJueObhEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzEvMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZFNzhFNkUxMS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zMEVDMzQxQ0M1OTI2M0Y0ODc5OUY3MEE5
NTQ5MDgyNkU3OEU2RTExLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTMyNjIzMDMzM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM2MzMzMjM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gSsDMA0GCSqGSIb3DQEBCwUAA4IBAQC0
dFSF6xggA26fZ1K9wVVKEwSLvypUfbqvLWJyJtzngAmsZkaZBjdLOvygB758B3VD
hgpMQcusjiEnluG0Dz8OqlTCmWFjFdHM1kj3CWWLA4P/Qp8gPuO1PHiYlYW1gpIk
JcE0eQ8U/t+hTczTnTrGx6B7HqwGXOCsAIqynEjSS8aEWvTXfBQzizl4G+h7/9Vh
yf2eCIBevOfLqh+Jm3IrOS76Sx3dZhURAswaiZIW6wCohpbNCns8ERirWCdRwADF
yzDbCkkp/kZzawLgtdkislEZVgmUKw2BZdi7gp42SugdrVI9YSklRRNhKPshq+yP
B0KVtBzH47w9kY5Sh3Gi
-----END CERTIFICATE-----
Generated at Sat Jun 15 17:58:02 2024 by rpki-client on console-ams.rpki-client.org